<?php
include(PUNG_ROOT . '/config.php');
include(PUNG_ROOT . '/system/class/db.class.php');

$db = new DB(DB_HOST, DB_USER, DB_PASS, DB_NAME);

if($_POST['doLogin']){
	$username = $_POST['uname'];
	$password = $_POST['pwd'];
	

	$user_query = $db->db_query("SELECT user_group_id,user_id,username FROM user WHERE username = '".$username."' AND password = '".md5($password)."'");
	
	if($db->db_rows()){
		$user_rs = $db->result();
		$_SESSION['username'] = $user_rs['username'];
		$_SESSION['user_id'] = $user_rs['user_id'];
		$_SESSION['group_id'] = $user_rs['user_group_id'];
		$_SESSION['doLogin']['user'] = true;
		
		$user_permission = $db->db_query("SELECT * FROM permission");
		while($all_permission = $db->result()){
			$_SESSION[$all_permission['permission_type']][] = $all_permission['page'];
		}
		
		echo '{"status":"1"}';
	}else{
		echo '{"status":"0"}';
	}
	
	$db->closedb();
}
?>